Scanning sites with anti-CSRF tokens

Scanning sites with anti-CSRF tokens enabled is a really hard task to achieve, since the CSRF token implementation can be really strict and make the whole scan useless.
I want to perform these tasks:
Identify the top 3 methods for CSRF (hidden form param, cookie? special header?)
Identify the top 3 implementations (maybe: Django, Ruby, Zend-PHP) and crea…

Scanning sites with anti-CSRF tokens enabled is a really hard task to achieve, since the CSRF token implementation can be really strict and make the whole scan useless.
I want to perform these tasks:
Identify the top 3 methods for CSRF (hidden form param, cookie? special header?)
Identify the top 3 implementations (maybe: Django, Ruby, Zend-PHP) and create test applications
Write tests that scan these three test applications
Modify the framework to PASS these tests